An image of a letter being caught by a fishing pole with the text "Gone Phishing"

Menu Display


Asset Publisher

PHISHING: New dates for payroll

Why this looks valid

  • The email includes a Marist logo
  • The email says it is from Marist payroll
  • The website looks exactly like the valid Marist College sign on page
  • After entering credentials, it asks for a Duo passcode on a page that looks exactly like the Duo prompt

Why this is phishing

  • The from address is not a email
  • The orange EXTERNAL EMAIL banner shows that it came from off-campus
  • The Marist College sign-in page is not a website
  • The Duo page is not a website and does not allow any Duo authentication options except for a passcode 

Additional notes

  • This is an extremely dangerous phishing attempt. If you clicked on the link and filled in your Marist credentials and a Duo passcode, please contact the Help Desk immediately at x4357 (HELP) or (please note that just clicking on the website is not harmful and poses no risk to your computer or information).
  • How does this work? After putting in your Marist credentials, a new page asks for a Duo passcode. If you put in the passcode, attackers will use your Marist credentials to log into your Marist account, and input the Duo passcode in order to complete mutli-factor authentication. Since you have not actually used the code, the attacker can use it to get into your account.
  • Spelling and grammatical errors are good indicators of malicious emails.
  • Remember:  always check the link.  You can hover over the link in the email to ensure that it goes to the service referenced in the email. On a mobile device, you can tap and hold the link to preview the page and see the website location.
  • Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
  • A little paranoia goes a long way! Be suspicious of any email messages similar to this one.